aboutsummaryrefslogtreecommitdiffstats
path: root/src/radius/radius_client.c
diff options
context:
space:
mode:
authorJouni Malinen <j@w1.fi>2014-05-30 17:46:20 (GMT)
committerJouni Malinen <j@w1.fi>2014-05-30 17:46:20 (GMT)
commit09844c09843bda15759e258d9ac6377346446454 (patch)
tree16cf54a2cf650b965ec5d3477cd141c88033a15d /src/radius/radius_client.c
parent5d67bf1566d22542e95c90c9394e372184b0831f (diff)
downloadhostap-09844c09843bda15759e258d9ac6377346446454.zip
hostap-09844c09843bda15759e258d9ac6377346446454.tar.gz
hostap-09844c09843bda15759e258d9ac6377346446454.tar.bz2
RADIUS client: Do not flush pending messages if server did not change
The re-open socket to the current RADIUS server code path did not work in the expected way here. The pending authentication messages do not need to be flushed in that case and neither should the retransmission parameters be cleared. Fix this by performing these operations only if the server did actually change as a part of a failover operation. Signed-off-by: Jouni Malinen <j@w1.fi>
Diffstat (limited to 'src/radius/radius_client.c')
-rw-r--r--src/radius/radius_client.c10
1 files changed, 6 insertions, 4 deletions
diff --git a/src/radius/radius_client.c b/src/radius/radius_client.c
index e876e8f..a7f1115 100644
--- a/src/radius/radius_client.c
+++ b/src/radius/radius_client.c
@@ -972,9 +972,10 @@ radius_change_server(struct radius_client_data *radius,
hostapd_ip_txt(&nserv->addr, abuf, sizeof(abuf)),
nserv->port);
- if (!oserv || nserv->shared_secret_len != oserv->shared_secret_len ||
- os_memcmp(nserv->shared_secret, oserv->shared_secret,
- nserv->shared_secret_len) != 0) {
+ if (oserv && oserv != nserv &&
+ (nserv->shared_secret_len != oserv->shared_secret_len ||
+ os_memcmp(nserv->shared_secret, oserv->shared_secret,
+ nserv->shared_secret_len) != 0)) {
/* Pending RADIUS packets used different shared secret, so
* they need to be modified. Update accounting message
* authenticators here. Authentication messages are removed
@@ -992,7 +993,8 @@ radius_change_server(struct radius_client_data *radius,
}
/* Reset retry counters for the new server */
- for (entry = radius->msgs; entry; entry = entry->next) {
+ for (entry = radius->msgs; oserv && oserv != nserv && entry;
+ entry = entry->next) {
if ((auth && entry->msg_type != RADIUS_AUTH) ||
(!auth && entry->msg_type != RADIUS_ACCT))
continue;